###################################################################################################################

#    Standalone python script to test if target is vulnerable to CVE-2013-5211
#    Author: Animesh Jain
#    Usage: python ntp-monlist-vuln.py -h, prog [options] -i IP Address

###################################################################################################################
from optparse import OptionParser
import subprocess, re

usage=" prog [options] -i IP Address\n example: python ntp-monlist-vuln.py -i www.example.com\n example: python ntp-monlist-vuln.py -i 10.10.2.1 -p 80"
desc="This program will help user to test if target IP is vulnerable to NTP monlist Denial of Service Vulnerability by passing target ip and port\n. "
parser = OptionParser(usage=usage,description=desc);
parser.add_option("-i","--ip",help="IP Address",type="string",dest="ipAddress",action="store")
parser.add_option("-p","--port",help="Port number",type="int",dest="port",action="store")
pat = re.compile("^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}$")
(options,args) = parser.parse_args();
if options.ipAddress is None:
        parser.print_help();
        parser.error('Invalid argument, IP Address is mandatory')
else:
        ipAddress = options.ipAddress
        validIP = pat.match(ipAddress)
        if validIP:
                port =  options.port
                # ntpcmd = "ntpdc -c monlist"
                p = subprocess.Popen(["ntpdc", "-c", "monlist", ipAddress], stdout=subprocess.PIPE)
                output, err = p.communicate ()
                #check if target is vulnerable or patched
                if "remote address" in output:
                        print output
                        print "**************************************************************************************"
                        print "Target appears to be vulnerable to NTP monlist feature Denial of Service Vulnerability"
                        print "**************************************************************************************\n"
                else:
                        print "************************************************************************************"
                        print "Target appears to be patched for NTP monlist feature Denial of Service Vulnerability"
                        print "************************************************************************************\n"
        else:
                print "Enter a valid IP Address"
~
